profxadke/misskey
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

enhance(server): add rate limits for some endpoints

Browse source
This commit is contained in:
syuilo 2023-01-14 15:59:15 +09:00
parent 51b8d4ae3e
commit 7df3ca7388
7 changed files with 35 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -83,6 +83,7 @@ You should also include the user name that made the change.
- Server: Judge instance block by endsWith @tamaina - Server: Judge instance block by endsWith @tamaina
- Server: improve note scoring for featured notes @CyberRex0 - Server: improve note scoring for featured notes @CyberRex0
- Server: アンケート選択肢の文字数制限を緩和 @syuilo - Server: アンケート選択肢の文字数制限を緩和 @syuilo
- Server: add rate limits for some endpoints @syuilo
- Server: improve stats api performance @syuilo - Server: improve stats api performance @syuilo
- Server: improve nodeinfo performance @syuilo - Server: improve nodeinfo performance @syuilo
- Server: delete outdated notifications regularly to improve db performance @syuilo - Server: delete outdated notifications regularly to improve db performance @syuilo

4
packages/backend/src/server/api/endpoints/blocking/create.ts
View file

@ -5,15 +5,15 @@ import type { UsersRepository, BlockingsRepository } from '@/models/index.js';
import { UserEntityService } from '@/core/entities/UserEntityService.js'; import { UserEntityService } from '@/core/entities/UserEntityService.js';
import { UserBlockingService } from '@/core/UserBlockingService.js'; import { UserBlockingService } from '@/core/UserBlockingService.js';
import { DI } from '@/di-symbols.js'; import { DI } from '@/di-symbols.js';
import { ApiError } from '../../error.js';
import { GetterService } from '@/server/api/GetterService.js'; import { GetterService } from '@/server/api/GetterService.js';
import { ApiError } from '../../error.js';
export const meta = { export const meta = {
tags: ['account'], tags: ['account'],
limit: { limit: {
duration: ms('1hour'), duration: ms('1hour'),
max: 100, max: 20,
}, },
requireCredential: true, requireCredential: true,

6
packages/backend/src/server/api/endpoints/channels/create.ts
View file

@ -1,4 +1,5 @@
import { Inject, Injectable } from '@nestjs/common'; import { Inject, Injectable } from '@nestjs/common';
import ms from 'ms';
import { Endpoint } from '@/server/api/endpoint-base.js'; import { Endpoint } from '@/server/api/endpoint-base.js';
import type { ChannelsRepository, DriveFilesRepository } from '@/models/index.js'; import type { ChannelsRepository, DriveFilesRepository } from '@/models/index.js';
import type { Channel } from '@/models/entities/Channel.js'; import type { Channel } from '@/models/entities/Channel.js';
@ -14,6 +15,11 @@ export const meta = {
kind: 'write:channels', kind: 'write:channels',
limit: {
duration: ms('1hour'),
max: 10,
},
res: { res: {
type: 'object', type: 'object',
optional: false, nullable: false, optional: false, nullable: false,

8
packages/backend/src/server/api/endpoints/clips/add-note.ts
View file

@ -1,10 +1,11 @@
import { Inject, Injectable } from '@nestjs/common'; import { Inject, Injectable } from '@nestjs/common';
import ms from 'ms';
import { Endpoint } from '@/server/api/endpoint-base.js'; import { Endpoint } from '@/server/api/endpoint-base.js';
import { IdService } from '@/core/IdService.js'; import { IdService } from '@/core/IdService.js';
import { DI } from '@/di-symbols.js'; import { DI } from '@/di-symbols.js';
import type { ClipNotesRepository, ClipsRepository } from '@/models/index.js'; import type { ClipNotesRepository, ClipsRepository } from '@/models/index.js';
import { ApiError } from '../../error.js';
import { GetterService } from '@/server/api/GetterService.js'; import { GetterService } from '@/server/api/GetterService.js';
import { ApiError } from '../../error.js';
export const meta = { export const meta = {
tags: ['account', 'notes', 'clips'], tags: ['account', 'notes', 'clips'],
@ -13,6 +14,11 @@ export const meta = {
kind: 'write:account', kind: 'write:account',
limit: {
duration: ms('1hour'),
max: 20,
},
errors: { errors: {
noSuchClip: { noSuchClip: {
message: 'No such clip.', message: 'No such clip.',

8
packages/backend/src/server/api/endpoints/mute/create.ts
View file

@ -1,12 +1,13 @@
import { Inject, Injectable } from '@nestjs/common'; import { Inject, Injectable } from '@nestjs/common';
import ms from 'ms';
import { Endpoint } from '@/server/api/endpoint-base.js'; import { Endpoint } from '@/server/api/endpoint-base.js';
import { IdService } from '@/core/IdService.js'; import { IdService } from '@/core/IdService.js';
import type { MutingsRepository } from '@/models/index.js'; import type { MutingsRepository } from '@/models/index.js';
import type { Muting } from '@/models/entities/Muting.js'; import type { Muting } from '@/models/entities/Muting.js';
import { GlobalEventService } from '@/core/GlobalEventService.js'; import { GlobalEventService } from '@/core/GlobalEventService.js';
import { DI } from '@/di-symbols.js'; import { DI } from '@/di-symbols.js';
import { ApiError } from '../../error.js';
import { GetterService } from '@/server/api/GetterService.js'; import { GetterService } from '@/server/api/GetterService.js';
import { ApiError } from '../../error.js';
export const meta = { export const meta = {
tags: ['account'], tags: ['account'],
@ -15,6 +16,11 @@ export const meta = {
kind: 'write:mutes', kind: 'write:mutes',
limit: {
duration: ms('1hour'),
max: 20,
},
errors: { errors: {
noSuchUser: { noSuchUser: {
message: 'No such user.', message: 'No such user.',

6
packages/backend/src/server/api/endpoints/notes/favorites/create.ts
View file

@ -1,4 +1,5 @@
import { Inject, Injectable } from '@nestjs/common'; import { Inject, Injectable } from '@nestjs/common';
import ms from 'ms';
import type { NoteFavoritesRepository } from '@/models/index.js'; import type { NoteFavoritesRepository } from '@/models/index.js';
import { IdService } from '@/core/IdService.js'; import { IdService } from '@/core/IdService.js';
import { Endpoint } from '@/server/api/endpoint-base.js'; import { Endpoint } from '@/server/api/endpoint-base.js';
@ -13,6 +14,11 @@ export const meta = {
kind: 'write:favorites', kind: 'write:favorites',
limit: {
duration: ms('1hour'),
max: 20,
},
errors: { errors: {
noSuchNote: { noSuchNote: {
message: 'No such note.', message: 'No such note.',

6
packages/backend/src/server/api/endpoints/users/lists/push.ts
View file

@ -1,4 +1,5 @@
import { Inject, Injectable } from '@nestjs/common'; import { Inject, Injectable } from '@nestjs/common';
import ms from 'ms';
import type { UserListsRepository, UserListJoiningsRepository, BlockingsRepository } from '@/models/index.js'; import type { UserListsRepository, UserListJoiningsRepository, BlockingsRepository } from '@/models/index.js';
import { Endpoint } from '@/server/api/endpoint-base.js'; import { Endpoint } from '@/server/api/endpoint-base.js';
import { GetterService } from '@/server/api/GetterService.js'; import { GetterService } from '@/server/api/GetterService.js';
@ -15,6 +16,11 @@ export const meta = {
description: 'Add a user to an existing list.', description: 'Add a user to an existing list.',
limit: {
duration: ms('1hour'),
max: 30,
},
errors: { errors: {
noSuchList: { noSuchList: {
message: 'No such list.', message: 'No such list.',